On Sun, 13 Jul 2014, Michael Osipov wrote: > > On a side note, we are currently missing support for the GSSAPI > > mechanism and Winbind NTLM implementation in the email > > protocols. > > Are you implementing SASL your self for curl or do you use > CyrusSASL? I know that Windows has a native SASL impl but that > seems to be available on Windows Server only.
We currently have native support for the following SASL authentication mechanisms: CRAM-MD5, DIGEST-MD5, LOGIN, NTLM and PLAIN with support for extensions such as OAUTH2. This could be extended to include the HTTP authentication mechanisms as well and turn our SASL module into a more generic authentication layer that includes both SASL and HTTP mechanisms. I don't know enough about CyrusSASL at the moment but that was one of the third-party libraries I was thinking of that we could integrate with - if we wanted to. > > * Support both of these in the email protocols and any other > > protocols that can use authentication (For example I want to look > > at ldap in more detail afterwards) > > * Simplify the NTLM code as both native and SSPI is intermingled > > making it difficult to follow > > * Support third party sasl/authentication modules with relative > > ease > > More than that. I could be completely decoupled from HTTP and > used for any GSS/SSPI-based service, like HTTP, FTP, SMTP, IMAP, > etc. The low-end impl is always the same. Indeed - this is roughly what I had in mind and what I've started to do with curl_sasl.c and curl_sasl_sspi.c as they are shared by the three email protocols ;-) Kind Regards Steve ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
